


package org.springframework.security.samples.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;

@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled=true) //securedEnabled,  prePostEnabled
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	// @formatter:off
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
					.antMatchers("/css/**", "/index").permitAll()
					.antMatchers("/user/**").hasRole("USER")
					.and().formLogin().loginPage("/login").failureUrl("/login-error")
					;
	}
	// @formatter:on
 
	// @formatter:off
	@Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
		auth
			.inMemoryAuthentication()
				.withUser(User.withDefaultPasswordEncoder().username("q").password("q").roles("Q"))
				.withUser(User.withDefaultPasswordEncoder().username("tom").password("tom").roles("USER"))
				.withUser(User.withDefaultPasswordEncoder().username("jack").password("jack").roles("USER", "ADMIN"))
				.withUser(User.withDefaultPasswordEncoder().username("lucy").password("lucy").roles("USER", "ADMIN", "CHECKER"))
				.withUser(User.withDefaultPasswordEncoder().username("andy").password("andy").roles("USER", "ADMIN", "MAKER"));
	}
	// @formatter:on
}